-
Notifications
You must be signed in to change notification settings - Fork 5
Authentication Keys
Since version 0.6 you can add authentication-keys in your config.php. By using keys, you can implement user roles or different users.
$keys = [
'key-number-one',
'key-number-two'
];Now the api can only be accessed with one of these keys. For example, you could assign one key per user.
You can also add specific permissions to keys.
$keys = [
'key-number-one' => [
'write' => true
],
'key-number-two' => [
'delete_row' => true
];
];Now users with key-number-one can do anything set in the $rights variable, but also "write" in this case.
So, the overall permissions from $rights get inherited and overwritten by key-permissions.
This is very useful, for example to create admins.
When you set one or multiple keys in your config.php, you cant access the api without a key.
You can disable this behavior by setting ALLOW_UNAUTHENTICATED to true.
Then everyone can access the api with overall permissions and in addition to that, you can have special users, with more permissions.
If you don´t want to use authentification-keys, just leave the $keys variable empty, like it is, by default.
Keys should have a length between 12-24 characters and can contain lower and uppercase letters and numbers. You can add symbols, but some special characters might break the function.
You can also use the leya.generateKey function to generate keys.
After adding keys in the config.php file, you have to set the key in your script.
#include leya.ahk
; set your server
leya.server := "http://my-server.com/leya.php"
; set the authentication-key
leya.key := "my-secret-key"